CN1846396A - Key information processing method, device thereof, and program - Google Patents

Publication number
CN1846396A
Authority
CN
China
Legal status
Granted
Application number
CNA2004800248340A
Other languages
Chinese (zh)
Other versions
CN1846396B (en)
Inventor
须贺祐治
林淳一
Current Assignee
Canon Inc
Original Assignee
Canon Inc
Priority claimed from JP2003321420A (JP4208678B2)
Priority claimed from JP2003338679A (JP2005109753A)
Application filed by Canon Inc
Publication of CN1846396A
Application granted
Publication of CN1846396B
Expired - Fee Related

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0643: Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08: Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816: Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819: Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/083: Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
    • H04L9/0833: Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP] involving conference or group key
    • H04L9/0836: Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP] involving conference or group key using tree structure or hierarchical structure
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00: Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/60: Digital content management, e.g. content distribution

Abstract

The present invention provides a method and an apparatus for processing key information, making it possible to safely construct, with a small amount of calculation, a key management method having the same access structure as the hierarchical key management method. The method includes: a setting step of setting, for each of the elements of rank i, a set (,) of the number of times the one-way hash function is executed; a key generation step of generating, for each element, two separate keys as the values obtained by executing the one-way function on the two original keys the number of times given by the set configured for that element; and a key delivery step of delivering the two separate keys to each element. Furthermore, for generating the key at each node from a parent node and delivering keys according to a hierarchical relationship expressed as a directed graph having no cycle, the method includes: an initial key generation step of calculating N keys at the root node positioned at the top; and a node key generation step of generating, as the M node keys of each node, the values obtained by executing the one-way function a predetermined number of times, according to the execution specification, on M keys (M <= N) among the N initial keys.

Description

Key information processing method, device thereof, and program
Technical field
The present invention relates to a key information processing method, a device therefor, and a program. More specifically, it relates to a key information processing method, device, and program that are suited to content delivery systems or removable-media control schemes that need to manage a plurality of keys used for decryption, and that reduce the amount of computation required for key generation and the load associated with the number of keys distributed.
Background art
In recent years, opportunities for digital content such as documents and image data to circulate over communication lines or on large-capacity recording media such as DVDs have been increasing. A digital content distribution service delivers content to specific users and requires a mechanism that prevents the content from leaking to other users. For content distribution on large-capacity media, mechanisms for the same kind of per-user access control are also being studied. In these cases, a mechanism is provided in which the content data is encrypted or scrambled, and only a legitimate user who holds valid key information or knows the descrambling process can decrypt it and thereby enjoy the proper content, such as documents or image data.
Such a content distribution service involves a content provider that distributes the content. The content provider must set different access control information for each of a plurality of contents, and must encrypt with a different key for each content, for each user, and further for each kind of user operation (for example, viewing, copying, and so on). In this processing, managing key information, such as key generation, key storage, and key distribution, is often a very heavy load for the content provider. Key management has therefore been studied with the aim of finding more efficient management methods that do not lower the security level. Several existing management methods are described below.
[Tree-structure management scheme]
The tree-structure management scheme is used in offline content playback devices such as DVD players and is suited to user revocation. In this scheme, the key information used for encryption is distributed together with the encrypted content, or stored on the medium, so that only legitimate users can decrypt the encrypted data. Key information must be distributed to each user in advance in a suitable combination, and using a tree structure makes it possible to manage a huge amount of user key information efficiently.
In this management scheme, the following 3 indices are used to judge the quality of a method: 1) the amount of key information data distributed together with the content, 2) the amount of pre-distributed key information data held by the user, and 3) the amount of key information data that the content provider must manage. For online distribution services, index 1), which affects network throughput, is emphasized, but from the content provider's point of view the management cost of index 3) matters most. The weighting of the indices therefore has to be adjusted to the situation.
A representative tree-structure management scheme is the content distribution model (see, for example, non-patent literature 1). This model uses a tree structure for key distribution like that of Fig. 44, with a different key placed on each node. A user key (in the paper, a key assumed to be held by a player such as a DVD player) is identified with a terminal node (leaf node), and the user is assumed to hold all the key data from the root node to that terminal node. The model assumes that updates occur frequently, and this arrangement improves the efficiency of key revocation.
[Hierarchical key management scheme]
In the key management assumed by the hierarchical key management scheme, by contrast, keys are likewise placed on each node, but the biggest difference is that keys are distributed to users located not only at terminal nodes but at all nodes, including the root (see, for example, non-patent literature 2 and 3).
In addition, access structures like those of Fig. 45 or Fig. 46 are assumed, rather than an n-ary tree like that of Fig. 44, and when viewed locally they contain places with the relationship shown in Fig. 47. In this case, a mechanism must be provided by which the key that node n3 should hold can be generated both from the key placed on node n1 and from the key placed on node n2. According to the paper by Birget et al. (non-patent literature 3), the following 2 methods have been proposed to provide this mechanism.
[(1) User multiple keying]
In this scheme each node holds a plurality of keys, arranged so that a parent node holds all the keys of its child nodes. Fig. 48 is an example, showing the set of key data distributed to each node. For example, it can be seen that the parent nodes of the node assigned {k5} include the key data k5. Likewise, for the other nodes, the parent node includes all the key data of its child nodes.
[(2) One-way function based keying schemes]
This scheme extends the method proposed by Lin et al. (non-patent literature 2); by using a one-way hash function, it reduces the key information that each node holds. As shown in Fig. 47, when the key data of a child node is generated from the key data of a plurality of parent nodes, the following operation is required. The operation is described with reference to Fig. 49.
In Fig. 49, k3 is generated from key data k1 or k2 by the following operations:
k3 := F(k1, n3) XOR r13
k3 := F(k2, n3) XOR r23
Here, XOR is the bitwise exclusive-OR operation. The function F() is a one-way hash function, described in detail below. n3 is the identifier of the node associated with key data k3; r13 is the random data associated with node n1 (key data k1) and node n3, and r23 is the random data associated with node n2 (key data k2) and node n3; both are public data.
The function F() is constructed as F(k_i, n_j) = g^{k_i+n_j} mod p (where p is a prime number and g is a primitive element). r13 and r23 are generated so as to satisfy F(k1, n3) XOR r13 = F(k2, n3) XOR r23.
Non-patent literature 1: "Digital content protection management scheme", SCIS2001, pp. 213-218
Non-patent literature 2: C. H. Lin, "Dynamic key management schemes for access control in a hierarchy", Computer Communications, 20:1381-1385, 1997
Non-patent literature 3: J.-C. Birget, X. Zou, G. Noubir, B. Ramamurthy, "Hierarchy-Based Access Control in Distributed Environments", in the Proceedings of IEEE ICC, June 2001
Summary of the invention
As described above, for the hierarchical key management scheme, where 2 or more parent nodes exist locally (Fig. 47 is an example with 2 parent nodes), methods have been proposed for generating the same key data from different parent nodes. However, in (1) user multiple keying, each node must hold a plurality of keys, so there is the problem that, as the hierarchy deepens, the key data to be held grows in proportion to the total number of nodes. In (2) the one-way function based keying scheme, using the one-way hash function reduces the amount of key data each node holds, but public data such as r13 and r23 must be held separately, so, as in (1), there is the problem that the data to be held grows as the hierarchy deepens.
Furthermore, in (2), the one-way hash function uses exponentiation. Constructions based on trapdoor hash functions have also been considered, but in any case they involve the computation required for exponentiation, so the computational cost is enormous. In particular, on devices with few computing resources such as PDAs, key calculation takes a long time, and as a result interactive processing may not be possible when decrypting data.
The present invention was therefore developed in view of the above problems, and its object is to provide a key information processing method, device, and program that can safely construct, with a small amount of calculation, a key management scheme having the same access structure as the hierarchical key management scheme.
To solve the above problems, the key information processing method of the present invention comprises: a setting step of setting, for each of a plurality of elements having a hierarchical relationship, a set of execution specifications of a one-way function; a key generation step of generating, for each element, 2 or more separate keys for that element as the values obtained by applying the one-way function to each of 2 or more primary keys according to the corresponding execution specification in the set configured for that element; and a key distribution step of distributing, to each element, the 2 separate keys for that element. Here, the execution specification is the number of times the one-way function is executed.
In addition, a key information processing method that generates the key at each node from a parent node and distributes keys according to a hierarchical relationship represented by a directed graph having no cycles comprises: an initial key generation step of calculating N keys at the root node located at the top; and a node key generation step of generating, as the M node keys corresponding to each node, the values obtained by applying the one-way function a prescribed number of times, according to the execution specification, to M of the N initial keys, where M≤N. The method also includes a key distribution step of distributing, from each node, the node keys corresponding to its child nodes or descendant nodes. In addition, where the directed graph contains a place in which a plurality of different nodes are connected to each other, those nodes are grouped and handled as a single node. The method further includes an initial key count calculation step of calculating the number N of initial keys from the structure of the directed graph.
In addition, the key information processing device of the present invention comprises: setting means for setting, for each of a plurality of elements having a hierarchical relationship, a set of execution specifications of a one-way function; key generating means for generating, for each element, 2 or more separate keys for that element as the values obtained by applying the one-way function to each of 2 or more primary keys according to the corresponding execution specification in the set configured for that element; and key distribution means for distributing, to each element, the 2 separate keys for that element.
In addition, a key information processing device that can generate the key at each node from a parent node according to a hierarchical relationship represented by a directed graph having no cycles comprises: initial key generating means for calculating N keys at the root node located at the top; and node key generating means for generating, as the M node keys corresponding to each node, the values obtained by applying the one-way function a prescribed number of times, according to the execution specification, to M of the N initial keys, where M≤N.
In addition, a computer-readable program of the present invention causes a computer to execute a key information processing method comprising: a setting step of setting, for each of a plurality of elements having a hierarchical relationship, a set of execution specifications of a one-way function; a key generation step of generating 2 or more separate keys for each element as the values obtained by applying the one-way function to each of 2 or more primary keys according to the corresponding execution specification in the set configured for that element; and a key distribution step of distributing, to each element, the 2 separate keys for that element.
In addition, another computer-readable program of the present invention causes a computer to execute a key information processing method that can generate the key at each node from a parent node according to a hierarchical relationship represented by a directed graph having no cycles, the method comprising: an initial key generation step of calculating N keys at the root node located at the top; and a node key generation step of generating, as the M node keys corresponding to each node, the values obtained by applying the one-way function a prescribed number of times, according to the execution specification, to M of the N initial keys, where M≤N.
Other features and advantages of the present invention will become clearer from the following description with reference to the accompanying drawings. In the drawings, identical or similar structures are given the same reference numbers.
Description of drawings
Fig. 1 is a block diagram showing the configuration of the processing device of an embodiment of the present invention.
Fig. 2 shows a 1st example of a key generation graph of the 1st embodiment.
Fig. 3 shows a 2nd example of a key generation graph of the 1st embodiment.
Fig. 4 is a flowchart showing the steps for generating type A keys in the 1st embodiment.
Fig. 5 shows a 3rd example of a key generation graph of the 1st embodiment.
Fig. 6 shows a 4th example of a key generation graph of the 1st embodiment.
Fig. 7 is a conceptual diagram explaining the flowchart for generating type B keys in the 1st embodiment.
Fig. 8 shows an example of a key generation graph of the 1st embodiment in which the number of levels differs for each hierarchy axis.
Fig. 9 shows a 5th example of a key generation graph of the 1st embodiment.
Fig. 10 shows a 6th example of a key generation graph of the 1st embodiment.
Fig. 11 shows a 7th example of a key generation graph of the 1st embodiment.
Fig. 12 explains the correspondence between the tree structure and the matrix in the 2nd embodiment.
Fig. 13 shows a 1st example of a key generation graph of the 2nd embodiment.
Fig. 14 shows a 2nd example of a key generation graph of the 2nd embodiment.
Fig. 15 explains the fusion key of the 2nd embodiment.
Fig. 16 is a flowchart for generating the fusion key in the 2nd embodiment.
Fig. 17 is a flowchart for generating a fusion key of size Nx*Ny in the 2nd embodiment.
Fig. 18 is a flowchart showing the steps for generating type A keys in the 2nd embodiment.
Fig. 19 is a flowchart showing the steps for generating type B keys in the 2nd embodiment.
Fig. 20 shows another example of a key generation graph of the 2nd embodiment in which the number of levels differs for each hierarchy axis.
Fig. 21 shows a 3rd example of a key generation graph of the 2nd embodiment.
Fig. 22 explains a 1st example of a directed graph of the 3rd embodiment.
Fig. 23 shows a 1st example of a key generation graph of the 3rd embodiment.
Fig. 24 shows a 1st example of the key distribution matrix of the 3rd embodiment.
Fig. 25 explains a 1st example of node division in the directed graph of Fig. 22 in the 3rd embodiment.
Fig. 26 shows the key distribution matrix at an intermediate stage of constructing the key distribution matrix in the 3rd embodiment.
Fig. 27 shows the key distribution matrix at an intermediate stage of constructing the key distribution matrix in the 3rd embodiment.
Fig. 28 shows the key distribution matrix at an intermediate stage of constructing the key distribution matrix in the 3rd embodiment.
Fig. 29 explains a 2nd example of node division in the directed graph of Fig. 22 in the 3rd embodiment.
Fig. 30 shows a 2nd example of the key distribution matrix of the 3rd embodiment.
Fig. 31 is a flowchart showing the node key generation steps of the 3rd embodiment.
Fig. 32 shows a 2nd example of a directed graph of the 3rd embodiment.
Fig. 33 explains a 3rd example of node division in the directed graph of Fig. 32 in the 3rd embodiment.
Fig. 34 shows a 2nd example of a key generation graph of the 3rd embodiment.
Fig. 35 shows the key distribution matrix at an intermediate stage of constructing the key distribution matrix in the 3rd embodiment.
Fig. 36 shows the key distribution matrix at an intermediate stage of constructing the key distribution matrix in the 3rd embodiment.
Fig. 37 shows the key distribution matrix at an intermediate stage of constructing the key distribution matrix in the 3rd embodiment.
Fig. 38 shows the key distribution matrix at an intermediate stage of constructing the key distribution matrix in the 3rd embodiment.
Fig. 39 shows a 3rd example of a key generation graph of the 3rd embodiment.
Fig. 40 shows an example, in the 3rd embodiment, of a directed graph containing nodes with a two-way connection relationship.
Fig. 41 shows an example, in the 3rd embodiment, in which the directed graph of Fig. 40 is changed into a directed graph without nodes having a two-way connection relationship.
Fig. 42 is a conceptual diagram explaining the hierarchical access structure of the present embodiment.
Fig. 43 is a table showing, for each node, the list of images to be encrypted in the present embodiment.
Fig. 44 is a conceptual diagram explaining the 2-branch access structure in the tree-structure management scheme.
Fig. 45 is a conceptual diagram explaining an access structure in the hierarchical access control scheme.
Fig. 46 is a conceptual diagram explaining an access structure in the hierarchical access control scheme.
Fig. 47 is a conceptual diagram explaining a local structure in the hierarchical access control scheme.
Fig. 48 explains an example of user multiple keying.
Fig. 49 explains the one-way function based keying scheme.
Embodiment
Preferred embodiments of the present invention are described below with reference to the drawings.
<Configuration example of the key information processing device of the present embodiment>
Fig. 1 is a block diagram schematically showing the configuration of the key information processing device of an embodiment of the present invention.
Note that not all of the functions shown in Fig. 1 need to be used to implement the present invention.
In Fig. 1, the key information processing device 100 comprises a modem 118 for a public line or the like, a monitor 102 serving as a display unit, a CPU 103, a ROM 104, a RAM 105, an HD (hard disk) 106, a network connection unit 107 for a network, a CD 108, an FD (floppy disk) 109, a DVD (Digital Video Disk or Digital Versatile Disk) 110, an interface (I/F) 117 for a printer 115, and an interface (I/F) 111 for a mouse 112, a keyboard 113, and the like serving as an operation unit; these units are connected so that they can communicate with one another over a bus 116.
The mouse 112 and keyboard 113 form an operation unit with which the user inputs various instructions to the key information processing device 100. Information entered through this operation unit (operation information) is input to the key information processing device 100 via the interface 111.
Various information in the key information processing device 100 (character information, image information, and so on) can be printed out on the printer 115.
The monitor 102 displays various instruction information for the user and various information such as character information and image information.
The CPU 103 controls the overall operation of the key information processing device 100; it controls the whole device by reading and executing a processing program (software program) from the HD (hard disk) 106 or the like. In particular, in the present embodiment, the CPU 103 performs the information processing described later by reading and executing, from the HD (hard disk) 106 or the like, a processing program that implements key generation.
The ROM 104 stores the processing program for key generation and various data used by the program (key generation graphs and so on).
The RAM 105 is used as a work area or the like for temporarily storing the processing program and the information being processed, for the various processing performed by the CPU 103.
The HD 106 is a component that is one example of a mass storage device; it stores various data as well as the processing programs, such as those for information conversion processing, that are transferred to the RAM 105 and the like when various processing is executed.
The CD (CD drive) 108 has the function of reading data stored on a CD (CD-R), which is one example of an external storage medium, and of writing data to that CD.
The FD (floppy disk drive) 109, like the CD 108, reads data stored on an FD, which is one example of an external storage medium. It also has the function of writing various data to the FD.
The DVD (digital video disk drive) 110, like the CD 108 and FD 109, reads data stored on a DVD, which is one example of an external storage medium, and also has the function of writing data to the DVD.
When an external storage medium such as the CD 108, FD 109, or DVD 110 stores, for example, an editing program or a printer driver, these programs may be installed on the HD 106 in advance and transferred to the RAM 105 as needed.
The interface (I/F) 111 accepts input from the user via the mouse 112 and keyboard 113.
The modem 118 is a communication modem and is connected, via an interface (I/F) 119, to an external network over, for example, a public line.
The network connection unit 107 is connected to an external network via an interface (I/F) 114.
<1st embodiment of key generation and management by this device>
The 1st embodiment of key generation and management by the above device is described below.
First, the generation of the separate keys of each node in the hierarchical key management scheme is described. Keys are generated according to the key generation graphs shown in Fig. 2 and Fig. 3.
[Overview of key generation]
The separate keys of each node are divided into 2 types: type A keys, obtained by applying a hash function to 2 primary keys shared by all nodes, and type B keys, obtained only when 3 or more nodes exist in the same level. For convenience, the set of nodes in the same level is defined as a group called a "rank". The root node is rank 1, and the rank number increases by 1 with each level.
[Type A keys]
Type A keys are explained using 2A of Fig. 2 and 3A of Fig. 3 as examples. Let x and y be the 2 primary keys from which all type A keys are generated. In 2A of Fig. 2 and 3A of Fig. 3, the 2 numbers attached to each node are the numbers of times the hash function is applied to x and y. For example, the node marked (2,4) holds H(H(x)) and H(H(H(H(y)))) as its type A keys. From here on, applying the hash function n times is abbreviated as H^n(). In this notation, the node marked (2,4) holds the 2 type A keys H^2(x) and H^4(y).
[Type B keys]
Type B keys are explained using 2B of Fig. 2 and 3B of Fig. 3 as examples. Note that 2B of Fig. 2 and 3B of Fig. 3 have the same hierarchical structures as 2A of Fig. 2 and 3A of Fig. 3, respectively. These keys do not exist in rank 1 and rank 2. In rank 3, the type A keys of node (2,2) are concatenated and hashed, and the result H(H^2(x) || H^2(y)) is set as R30. The numbers in rank 3 of 2B of Fig. 2 indicate the number of times the hash function is applied to R30. This means that the 3 nodes of rank 3 hold, from the left, the type B keys H(R30), R30, and H(R30), respectively.
Rank 4 is marked with 2 numbers, which indicate the numbers of times the hash function is applied to R40 and R41. R40 and R41 are generated from data shared by all nodes of rank 3; for example, when generating them from the type B key, R40 and R41 may be set to H(H(R30) || RND1) and H(H(R30) || RND2), respectively, obtained using the public data RND1 and RND2. When generating R40 and R41, care should be taken that R41 cannot be calculated from R40 and R40 cannot be calculated from R41. Alternatively, methods such as HMAC may also be used.
In 2B of Fig. 2 and 3B of Fig. 3, this means that the 4 nodes of rank 4 hold, from the left, the type B keys H(R40) and H(R41), R40 and H(R41), H(R40) and R41, and H(R40) and H(R41), respectively. The following ranks are generated in the same way. Type B keys are not generated once the number of nodes in a rank is 2 or fewer. That is, no type B keys exist in ranks 6 and 7 of 2B of Fig. 2 or in ranks 8 and 9 of 3B of Fig. 3.
[method of generating the key generation graph]
The graphs shown in Fig. 2 and Fig. 3 are generated by the following rules. First, the method of generating the type A graph is explained using the flowchart of Fig. 4.
(1) The keys of line 1 are set to { (0,0) } (step S401).
(2) The keys of line 2 are set to { (1,3), (3,1) } (step S402).
(3) Variable i is set to 3, that is, i:=3 (step S403).
(4) For line i (i ≥ 3), let Q be the largest element component in line (i-1) (step S404).
Let the number of nodes in line i be #R(i).
When #R(i)>#R(i-1), the keys are set to { (Q-2*#R(i)+5, Q+3), (Q-2*#R(i)+7, Q+1), ..., (Q+3, Q-2*#R(i)+5) };
when #R(i)<#R(i-1), the keys are set to { (Q-2*#R(i)+3, Q+1), (Q-2*#R(i)+5, Q-1), ..., (Q+1, Q-2*#R(i)+3) } (step S405).
(5) If #R(i+1)=0, the processing ends (step S406). Otherwise i:=i+1 and the processing returns to (4) (step S407).
Further, by selecting a subroutine before processing (4), the amount of hash computation can be reduced.
(4-1) For line i, when #R(i)<#R(i-1) and #R(i)=3, the keys are set to { (Q-3, Q), (Q-1, Q+2), (Q, Q+3) }, and the processing proceeds to (5).
(4-2) For line i, when #R(i)<#R(i-1) and #R(i)=2, the keys are set to { (Q-1, Q), (Q, Q-1) }, and the processing proceeds to (5).
(4-3) For line i, when #R(i)<#R(i-1) and #R(i)=1, the key is set to { (Q, Q) }, and the processing proceeds to (5).
When this subroutine is selected, the key generation graph shown in Fig. 5 is obtained for 2A of Fig. 2, and the key generation graph shown in Fig. 6 is obtained for 3A of Fig. 3.
Next, the method of generating the type B graph is explained using the flowchart of Fig. 7. The notation #R(i) is as defined above.
(1) Variable i is set to 0, that is, i:=0 (step S701).
(2) i:=i+1 (step S702).
(3) If #R(i+1)=0, the processing ends (step S703).
(4) If #R(i)<3, line i is set to have no key, and the processing returns to (2) (steps S704, S706).
(5) The number of components of each key of line i is #R(i)-2; the keys are set to { (1, ..., 1), (0, 1, ..., 1), (1, 0, ..., 1), ..., (1, ..., 1, 0), (1, ..., 1) }, and the processing returns to (2) (step S705).
Processing (5) means that the keys at both ends consist entirely of 1s, and each of the other keys has a 0 at exactly one position (never at the same position as another key). When #R(i)=6, the keys are { (1,1,1,1), (0,1,1,1), (1,0,1,1), (1,1,0,1), (1,1,1,0), (1,1,1,1) }.
[legitimacy of key]
The graph generation method described above satisfies the following conditions.
A parent node can generate the keys of its child nodes.
The key of a parent node cannot be generated from the key information of a child node (unless the one-way function is weakened).
Even if a plurality of entities collude, they cannot generate the key of a node at a higher position.
With these conditions, a hierarchical key management scheme in which key generation and key distribution can be performed securely is realized.
[key distribution]
The method by which the root key distributor (the entity at the root node) distributes keys to each node, and the method by which an entity other than the root key distributor that holds individual keys distributes keys to lower nodes, are explained in turn. First, the root key distributor generates keys x and y randomly and securely and uses them as its own individual keys. It then places a plurality of keys at each node according to the key generation procedure described above. The root key distributor securely distributes the keys of each node to the entity located at that node. In addition, the key distribution graphs shown in Fig. 2 and Fig. 3 are made public, and each entity is given data identifying which position in the graph its distributed keys belong to. This data consists, for example, of the line number and an identification number indicating the position within that line.
Next, the key distribution method used by an entity other than the root key distributor that holds individual keys is explained. From its individual keys and the identification data indicating the position of the keys in the key distribution graph, the entity generates the key data corresponding to a child node or grandchild node. For example, in 2A of Fig. 2, suppose the entity has x' and y' as type A keys; if its position in the graph is the 1st of line 3, it corresponds to (2,6). Since H^5(x)=H^3(H^2(x))=H^3(x') and H^7(y)=H(H^6(y))=H(y') are the keys of the child node (5,7), this entity can distribute H^3(x') and H(y') to the 2nd node of line 4 (corresponding to (5,7)). Clearly, the keys corresponding to other child nodes or grandchild nodes can be generated in the same way.
For type B keys, the keys of each line can be generated in turn from the keys of the line above according to the generation procedure described above; since this is the same as the operation of the root key distributor, its explanation is omitted.
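The Fig. 4 rule for the type A graph and the derivation of a child node's keys from x' and y' can be worked through together. The following is an added example, not code from the patent: SHA-256 as H, the function names, and the line sizes 1, 2, 3, 4, 3, 2, 1 (chosen to match the 4 nodes in line 4 and the 7 lines mentioned for Fig. 2) are assumptions, and the case #R(i)=#R(i-1) is rejected because the rule as given above states only the two unequal cases.

```python
import hashlib
import secrets


def H(data: bytes, n: int = 1) -> bytes:
    """H^n: apply the one-way function n times (SHA-256 is an assumption)."""
    for _ in range(n):
        data = hashlib.sha256(data).digest()
    return data


def type_a_graph(rank_sizes):
    """Hash counts (times on x, times on y) per node, following Fig. 4.

    rank_sizes[k] is #R(k+1), the number of nodes in line k+1.
    """
    if list(rank_sizes[:2]) != [1, 2]:
        raise ValueError("steps S401/S402 fix line 1 to 1 node and line 2 to 2")
    graph = [[(0, 0)], [(1, 3), (3, 1)]]            # S401, S402
    for i in range(2, len(rank_sizes)):             # lines 3, 4, ... (S403-S407)
        n, prev = rank_sizes[i], rank_sizes[i - 1]
        q = max(max(pair) for pair in graph[-1])    # S404: largest component
        if n > prev:
            first = (q - 2 * n + 5, q + 3)
        elif n < prev:
            first = (q - 2 * n + 3, q + 1)
        else:
            raise ValueError("the rule as given covers only #R(i) != #R(i-1)")
        # S405: the x count rises by 2 and the y count falls by 2, left to right
        graph.append([(first[0] + 2 * k, first[1] - 2 * k) for k in range(n)])
    return graph


def node_keys(x: bytes, y: bytes, counts):
    """Type A keys the root key distributor hands to the node labeled `counts`."""
    return H(x, counts[0]), H(y, counts[1])


def derive(holder_counts, holder_keys, target_counts):
    """Derive a lower node's type A keys from a holder's keys, hashing forward only."""
    steps = [t - h for h, t in zip(holder_counts, target_counts)]
    if min(steps) < 0:
        # At least one chain would have to be run backwards, i.e. H inverted.
        raise PermissionError(f"{holder_counts} cannot derive {target_counts}")
    return tuple(H(k, s) for k, s in zip(holder_keys, steps))


if __name__ == "__main__":
    x, y = secrets.token_bytes(32), secrets.token_bytes(32)  # root's primary keys
    graph = type_a_graph([1, 2, 3, 4, 3, 2, 1])
    for line_no, labels in enumerate(graph, start=1):
        print(line_no, labels)
    holder = graph[2][0]      # 1st node of line 3
    child = graph[3][1]       # 2nd node of line 4
    held = node_keys(x, y, holder)
    assert derive(holder, held, child) == node_keys(x, y, child)
```

`derive()` compares hash counts only, so it enforces the one-way direction of each chain; it does not consult the parent/child edges of the graph.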
[key generation and distribution processing in the information processing device]
The steps for carrying out the above key generation and distribution processing in the information processing device 100 described above are explained. Data to be managed, such as images, is obtained from the CD 108 or from the network through the network connection unit 107 and stored in the HD 106, or data already stored in the HD 106 is selected. Here, the user makes the selection from a list displayed on the monitor 102 using the mouse 112, the keyboard 113, or the like.
When the user, in the same way, selects an access control structure for the data to be managed, such as how many levels each level axis has, the CPU 103 computes the key generation graph corresponding to that structure and stores it in the RAM 105, the HD 106, or the like.
Random data is generated from data such as the ROM 104, the RAM 105, the HD 106, or the movement of the mouse 112; a plurality of primary keys are generated from this random data and stored in the RAM 105, the HD 106, or the like. Further, the individual keys of each node in the key generation graph are computed from the primary keys and stored in the RAM 105, the HD 106, or the like.
For other information processing devices, the individual keys stored in the RAM 105, the HD 106, or the like are read out and distributed over the network through the network connection unit 107.
[hierarchical access structure in which the level axes have different numbers of levels]
Fig. 2 and Fig. 3 show only examples in which the level axes have the same number of levels (every level axis has 3 levels in Fig. 2 and 4 levels in Fig. 3); as shown in Fig. 8, the same method can also generate examples with different numbers of levels. In 8A and 8B of Fig. 8, the lower-left direction has 3 levels and the lower-right direction has 4 levels, and it can be seen that these are processed correctly by the flowcharts of Fig. 4 and Fig. 7.
<Variation of the 1st embodiment>
In the 1st embodiment, the type B keys are generated from the key data of an intermediate line; here, a fusion scheme is explained in which the root key distributor generates and distributes the initial data in the same structure as the type A keys.
9A and 9B of Fig. 9 are a configuration example of embodiment 1 when each level axis has 3 levels. Fig. 10 shows a method in which a primary key called z, different from x and y, is generated at the initial stage, instead of generating the type B keys from an intermediate line as in Fig. 9. The notation is the same as in Fig. 2, and the 3rd component is the number of times the hash function is applied to primary key z. Specifically, in line 1 and line 2, where no type B key exists, primary key z is distributed as is, as key information for the child nodes. In line 3, z is treated as the initial key R30 according to the method shown in 9B of Fig. 9. From line 4 onward, h(z) is distributed.
In this fusion scheme, the function of preventing collusion attacks by a plurality of nodes in the same layer need not be concentrated in the 3rd primary key; it can be distributed to the 1st or 2nd primary key. The key generation graph shown in Fig. 11 is one example. In this way, a graph with a reduced total number of hash operations can also be constructed.
<2nd embodiment of key generation and management in this device>
Next, the 2nd embodiment of key generation and management in the above device is explained.
[key generation summary]
First, generation of the individual key of each node in the hierarchical key management scheme is explained.
In the following, for convenience, the tree structure in the hierarchical key management scheme is replaced by a matrix, as shown in Fig. 12. 12A of Fig. 12 shows an example of a tree structure consisting of 7 levels and having 16 nodes. 12B of Fig. 12 shows the tree structure of 12A of Fig. 12 replaced by a matrix. The numbers on the nodes of 12A of Fig. 12 and the numbers on the units of 12B of Fig. 12 indicate the correspondence between them.
First, in the tree structure shown in 12A of Fig. 12, the root node (the node labeled "0" in the figure) is made to correspond to the top-right unit of the matrix. Then, for the child nodes of each node in the tree structure, the node on the left and the node on the right are made to correspond to the unit to the left of, and the unit below, that node's unit in the matrix, respectively. By establishing this correspondence for all nodes and units in order, the tree structure shown in 12A of Fig. 12 can be replaced by the matrix shown in 12B of Fig. 12.
Next, key generation in the present embodiment is explained. Key generation is performed using the key generation matrices and graphs shown in Fig. 13 and Fig. 14.
The individual keys of each element, or of each node in the tree structure, are divided into 2 types: type A keys, obtained by applying a hash function to 2 primary keys shared by all nodes, and type B keys, obtained only at nodes other than leaf nodes (nodes with no child nodes).
In the tree structure, for convenience, a group called a "line" is defined as the set of nodes at the same level. The root node is line 1, and the line number increases by 1 for each level passed (see 12A of Fig. 12).
Further, to express the coordinates of each unit in the matrix, the top-right element is defined as the origin (0,0), with coordinate axes defined so that the x coordinate increases horizontally to the left and the y coordinate increases vertically downward. With this definition, for example, the coordinates of the element labeled "4" in 12B of Fig. 12 are (1,1), and the coordinates of the element labeled "14" are (2,3) (see 12B of Fig. 12).
In the following description, the number of units in the horizontal direction of the matrix is Nx and the number of units in the vertical direction is Ny.
[type A key]
Type A keys are explained using 13A of Fig. 13 and 14A of Fig. 14. 13A of Fig. 13 shows an example of the type A key matrix for Nx=4, Ny=4, and 14A of Fig. 14 shows an example of the type A key matrix for Nx=5, Ny=5. Let the 2 primary keys from which all type A keys are generated be x and y. In 13A of Fig. 13 and 14A of Fig. 14, the 2 numbers on each unit are the numbers of times the hash function is applied to x and y. For example, the unit labeled [1,4] holds H(x) and H(H(H(H(y)))) as its type A keys. Hereafter, applying the hash function n times is abbreviated as H^n(). In this notation, the unit labeled [1,4] has the 2 type A keys H(x) and H^4(y).
[type B key]
Type B keys are explained using 13B of Fig. 13 and 14B of Fig. 14. Note that 13B of Fig. 13 and 14B of Fig. 14 have matrices of the same size as 13A of Fig. 13 and 14A of Fig. 14. These keys do not exist in the bottom row and the leftmost column of the matrix. The symbol "N" is used below to indicate that a key does not exist. On the units other than those of the leftmost column, rightmost column, bottom row, and top row, the values of the type A keys of size Nx-2, Ny-2 are used as is. Further, each unit of the top row other than these takes the value of the unit in the row below it, and each unit of the rightmost column takes the value of the unit in the column to its left.
Let the 2 primary keys from which all type B keys are generated be u and v. As with the type A keys, in 13A of Fig. 13 and 14A of Fig. 14 the 2 numbers attached to each unit are the numbers of times the hash function is applied to u and v.
Further, as shown in 14C of Fig. 14, when the size of the type B key matrix is 5 or more, fusion keys of size Nx-2 and Ny-2 are used. Fusion keys are described in detail below.
[fusion key]
In the present embodiment, the type A keys and type B keys described above are fused and used. Hereafter, a key in which a type A key and a type B key are fused is called a fusion key. 15A of Fig. 15 shows the fusion key matrix for Nx=4, Ny=4 as in Fig. 13. As shown in Fig. 15, the type A key and the type B key located at the same unit are fused to generate the corresponding fusion key. For example, in 15A of Fig. 15, unit (1,2) holds the fusion key H^5(x), H^4(y), H^2(u), and H(v).
As noted above, the key matrix of the present embodiment can also be expressed as a tree structure. 15B of Fig. 15 shows the matrix of 15A of Fig. 15 expressed as a tree structure.
[method of generating the key generation graph]
Next, the processing for generating fusion keys in the present embodiment is explained using Fig. 16.
As shown in Fig. 16, first, in step S601, the variables Nx and Ny representing the numbers of units in the horizontal and vertical directions of the fusion key matrix are initialized. They are set to suitable values according to the number of objects subject to access control. For example, when access control by resolution and image quality is applied to image data having 6 resolutions and 5 image qualities, Nx=6 and Ny=5 are set. The present invention is not limited to this, however, and can be adapted to various kinds of access control. Further, the variable PL representing the processing level is initialized to 0.
Next, step S602 initializes the number of elements stored in each unit of the fusion key matrix. In the present embodiment, the number of fusion keys stored in one unit by the fusion key generation processing described below is set as the number of elements. The fusion key generation processing of the present embodiment generates Min(Nx, Ny) fusion keys for one unit, so the number of elements is set to Min(Nx, Ny). Min(a, b) is the operation that selects the smaller of a and b. For example, when Nx=6 and Ny=5 as above, the number of elements stored in one unit is initialized to 5.
Step S603 generates the fusion key matrix of size Nx*Ny at processing level PL. The fusion key generation processing of the present embodiment is described in detail below.
Next, step S604 fuses the fusion keys generated at the individual processing levels PL into one fusion key matrix. In the present embodiment, the type A key of processing level PL=0 and the type B key of processing level PL=0 are fused, and all type B keys generated after that (processing level PL=1 and above) are further fused.
This completes the explanation of the processing for generating fusion keys in the present embodiment.
Next, the fusion key generation processing of the present embodiment is explained using Fig. 17. Fig. 17 is a flowchart explaining the fusion key generation processing of the present embodiment.
As shown in Fig. 17, first, step S501 determines whether Max(Nx, Ny) is less than or equal to 2. Max(a, b) is the operator that selects the larger of a and b. When the value is less than or equal to 2, the processing proceeds to step S502. Otherwise the processing proceeds to step S503.
Step S502 generates the type A key matrix of size Nx*Ny at processing level PL. After the type A key matrix has been generated, the fusion key generation processing ends.
On the other hand, step S503 generates the fusion key matrix of size (Nx-2)*(Ny-2) at processing level PL+1. After that fusion key matrix has been generated, step S504 generates the type B key matrix of size Nx*Ny at processing level PL, and the fusion key generation processing ends.
As described above, in the present embodiment, to generate the fusion key matrix of size Nx*Ny at processing level PL, the fusion key matrix of size (Nx-2)*(Ny-2) at processing level PL is generated recursively. That is, larger fusion key matrices are generated in order from smaller fusion key matrices.
Next, the method of generating the type A key matrix is explained using the flowchart of Fig. 18.
First, step S801 sets variables i and j to 0. Variables i and j are the indices of the horizontal and vertical coordinates of the matrix, respectively.
Next, step S802 evaluates the value of variable Ny. If Ny is 1, the processing proceeds to step S814. Otherwise the processing proceeds to step S803.
Step S803 evaluates the value of variable j. If j is 0, the processing proceeds to step S804. Otherwise the processing proceeds to step S805. Step S804 assigns the value i to the x key x_(i, j) of unit (i, j). Step S805, on the other hand, assigns the value Nx+j-1 to the x key x_(i, j) of unit (i, j). The processing then proceeds to step S814.
Step S814 evaluates the value of variable Nx. If Nx is 1, the processing proceeds to step S809. Otherwise the processing proceeds to step S806.
Step S806 evaluates the value of variable i. If i is 0, the processing proceeds to step S807. Otherwise the processing proceeds to step S808. Step S807 assigns the value j to the y key y_(i, j) of unit (i, j). Step S808, on the other hand, assigns the value Ny+i-1 to the y key y_(i, j) of unit (i, j). The processing then proceeds to step S809.
Step S809 increments variable i by 1, and the processing proceeds to step S810. Step S810 evaluates the value of variable i. When i is less than Nx, the processing proceeds to step S803. Otherwise the processing proceeds to step S813, where variable i is initialized to 0, and then to step S811.
Step S811 increments variable j by 1, and the processing proceeds to step S812. Step S812 evaluates the value of variable j. When j is less than Ny, the processing proceeds to step S803. Otherwise the type A key generation processing ends.
This completes the explanation of the method of generating the type A key matrix in the present embodiment. With the method described above, when Nx=4, Ny=4, the type A key matrix shown in 13A of Fig. 13 can be generated. Likewise, when Nx=5, Ny=5, the type A key matrix shown in 14A of Fig. 14 can be generated.
Next, the method of generating the type B key matrix is explained using the flowchart of Fig. 19. First, step S902 sets variables i and j to 0. Variables i and j are the indices of the horizontal and vertical coordinates of the matrix, respectively.
Next, step S903 evaluates the values of variables i and j. When i and j are both 0, the processing proceeds to step S904. Otherwise the processing proceeds to step S905. Step S904 assigns 0 to both the u key u_(i, j) and the v key v_(i, j) of unit (i, j). The processing then proceeds to step S911. Note that when Nx=3 the u key u_(i, j) is not generated, and when Ny=3 the v key v_(i, j) is not generated.
Step S905 evaluates the values of variables i and j. If i equals Nx-1 or j equals Ny-1, the processing proceeds to step S906. Otherwise the processing proceeds to step S907. Step S906 assigns "N" to both the u key u_(i, j) and the v key v_(i, j) of unit (i, j). As described above, "N" is the symbol indicating that no key is set. The processing then proceeds to step S911. Note that when Nx=3 the u key u_(i, j) is not generated, and when Ny=3 the v key v_(i, j) is not generated.
Step S907 evaluates the value of variable i. If i is 0, the processing proceeds to step S908. Otherwise the processing proceeds to step S909. Step S908 assigns u'_(0, j-1) to the u key u_(i, j) of unit (i, j) and v'_(0, j-1) to the v key v_(i, j) of unit (i, j). Here, u' and v' denote the type A keys of processing level PL+1, that is, of the matrix of size (Nx-2)*(Ny-2). The type A keys of processing level PL+1 are generated in advance in the fusion key generation processing (step S503 of Fig. 17), which is the step preceding the type B key generation processing (step S504 of Fig. 17). The processing then proceeds to step S911. Note that when Nx=3 the u key u_(i, j) is not generated, and when Ny=3 the v key v_(i, j) is not generated.
Step S909 evaluates the value of variable j. If j is 0, the processing proceeds to step S910. Otherwise the processing proceeds to step S915. Step S910 assigns u'_(i-1, 0) to the u key u_(i, j) of unit (i, j) and v'_(i-1, 0) to the v key v_(i, j) of unit (i, j). Step S915, on the other hand, assigns u'_(i-1, j-1) to the u key u_(i, j) of unit (i, j) and v'_(i-1, j-1) to the v key v_(i, j) of unit (i, j). The processing then proceeds to step S911. Note that when Nx=3 the u key u_(i, j) is not generated, and when Ny=3 the v key v_(i, j) is not generated.
Step S911 increments variable i by 1, and the processing proceeds to step S912. Step S912 evaluates the value of variable i. When i is less than Nx, the processing proceeds to step S903. Otherwise the processing proceeds to step S915, where variable i is initialized to 0, and then to step S913.
Step S913 increments variable j by 1, and the processing proceeds to step S914. Step S914 evaluates the value of variable j. When j is less than Ny, the processing proceeds to step S903. Otherwise the type B key generation processing ends.
This completes the explanation of the method of generating the type B key matrix in the present embodiment. With the method described above, when Nx=4, Ny=4, the type B key matrix shown in 13B of Fig. 13 can be generated. Likewise, when Nx=5, Ny=5, the type B key matrix shown in 14B of Fig. 14 can be generated.
[legitimacy of key generation]
The graph generation method described above satisfies the following conditions.
A node can generate only the keys of its descendant nodes.
The key of a parent node cannot be generated from the key information of a child node (unless the one-way function is weakened).
Even if any two or more entities collude, they cannot generate the key of a node at a higher position than each of those entities.
With these conditions, a hierarchical key management scheme in which key generation and key distribution can be performed securely is realized.
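The Fig. 18 and Fig. 19 procedures and the conditions above can be checked mechanically for the Nx=4, Ny=4 case of Fig. 13 and Fig. 15. The following is an added example, not code from the patent: it tracks hash counts only (no actual hashing), all function names are hypothetical, and `check_legitimacy` is one way of formalising the conditions, namely that a unit reaches exactly its own descendants and that a coalition of two or three units reaches nothing beyond what its members reach individually.

```python
from itertools import combinations

N = None  # the page's symbol "N": the unit holds no key of this kind


def type_a(nx, ny):
    """Fig. 18: hash counts (x, y) for each unit (i, j) of an nx-by-ny matrix."""
    cells = {}
    for j in range(ny):
        for i in range(nx):
            x = N if ny == 1 else (i if j == 0 else nx + j - 1)   # S802-S805
            y = N if nx == 1 else (j if i == 0 else ny + i - 1)   # S814, S806-S808
            cells[(i, j)] = (x, y)
    return cells


def type_b(nx, ny):
    """Fig. 19: counts (u, v), copied from the (nx-2)-by-(ny-2) type A matrix."""
    inner = type_a(nx - 2, ny - 2)
    cells = {}
    for j in range(ny):
        for i in range(nx):
            if i == 0 and j == 0:
                uv = (0, 0)                     # S904
            elif i == nx - 1 or j == ny - 1:
                uv = (N, N)                     # S906
            elif i == 0:
                uv = inner[(0, j - 1)]          # S908
            elif j == 0:
                uv = inner[(i - 1, 0)]          # S910
            else:
                uv = inner[(i - 1, j - 1)]      # S915
            cells[(i, j)] = uv
    return cells


def fused_4x4():
    """Fusion key matrix [x, y, u, v] for Nx=4, Ny=4 (one recursion level)."""
    a, b = type_a(4, 4), type_b(4, 4)
    return {pos: a[pos] + b[pos] for pos in a}


def can_derive(held, target):
    """True if holders of the count tuples in `held` reach `target` by hashing forward."""
    for k, t in enumerate(target):
        if t is N:
            continue                            # target has no key on this chain
        have = [h[k] for h in held if h[k] is not N]
        if not have or min(have) > t:
            return False
    return True


def is_descendant(p, q):
    """q is p itself or lies below p: further left and/or further down."""
    return q[0] >= p[0] and q[1] >= p[1]


def check_legitimacy(m, max_coalition=3):
    """Return (single-unit check, collusion check) for count matrix m."""
    single = all(can_derive([m[p]], m[q]) == is_descendant(p, q)
                 for p in m for q in m)
    collusion = all(
        any(is_descendant(p, t) for p in group)
        for size in range(2, max_coalition + 1)
        for group in combinations(m, size)
        for t in m
        if can_derive([m[p] for p in group], m[t]))
    return single, collusion
```

With the type A counts alone, units (2,0) and (0,2) together satisfy the counts of unit (1,1), which neither can reach by itself; the u and v counts of the fusion key are what make the collusion check pass.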
[key distribution]
The method by which the root key distributor (the entity at the root node) distributes keys to each node, and the method by which an entity other than the root key distributor that holds individual keys distributes keys to lower nodes, are explained in turn. First, the root key distributor generates keys x, y, u, and v randomly and securely and uses them as its own individual keys. It then places a plurality of keys at each node according to the key generation procedure described above. The root key distributor securely distributes the keys of each node to the entity located at that node. In addition, the key distribution graphs shown in Fig. 13 and Fig. 14 are made public, and each entity is given data identifying which position in the graph its distributed keys belong to. This data may consist, for example, of the line number in the tree structure and an identification number indicating the position within that line, or of the coordinates in the matrix.
Next, the key distribution method used by an entity other than the root key distributor that holds individual keys is explained. From its individual keys and the identification data indicating the position of the keys in the key distribution graph, the entity generates the key data corresponding to a child node or grandchild node. For example, in 15A of Fig. 15, suppose the entity holds x', y', u', and v' as its fusion key; if its position is unit (1,1) in the matrix, that is, the 2nd of line 3 in the graph, it corresponds to [4,4,0,0]. Since H^4(x)=H^0(H^4(x))=x', H^5(y)=H^1(H^4(y))=H^1(y'), H(u)=H^1(H^0(u))=H^1(u'), and H^2(v)=H^2(H^0(v))=H^2(v') are the keys of unit (2,1), this entity can distribute H^4 (x'), H(y'), H^1(u'), and H^2(v') to unit (2,1), that is, to the child node that is the 2nd of line 4. Clearly, the keys corresponding to other child nodes or grandchild nodes can be generated in the same way.
[key generation and distribution processing in the information processing device]
The steps for carrying out the above key generation and distribution processing in the information processing device 100 described above are explained. Data to be managed, such as images, is obtained from the CD 108 or from the network through the network connection unit 107 and stored in the HD 106, or data already stored in the HD 106 is selected. Here, the user makes the selection from a list displayed on the monitor 102 using the mouse 112, the keyboard 113, or the like.
When the user, in the same way, selects an access control structure for the data to be managed, such as how many levels each level axis has, the CPU 103 computes the key generation graph corresponding to that structure and stores it in the RAM 105, the HD 106, or the like.
Random data is generated from data such as the ROM 104, the RAM 105, the HD 106, or the movement of the mouse 112; a plurality of primary keys are generated from this random data and stored in the RAM 105, the HD 106, or the like. Further, the individual keys of each node in the key generation graph are computed from the primary keys and stored in the RAM 105, the HD 106, or the like.
For other information processing devices, the individual keys stored in the RAM 105, the HD 106, or the like are read out and distributed over the network through the network connection unit 107.
[hierarchical access structure in which the level axes have different numbers of levels]
Fig. 13 and Fig. 14 show only examples in which Nx and Ny are equal (Nx=Ny=4 in Fig. 13, Nx=Ny=5 in Fig. 14), but even when Nx and Ny differ, keys can be generated by the same method, as shown in 20A of Fig. 20 for type A keys and in 20B of Fig. 20 for type B keys. In Fig. 20, Nx=3 and Ny=4, and these are clearly processed correctly by the flowcharts of Fig. 18 and Fig. 19.
<3rd embodiment of key generation and management in this device>
Next, the 3rd embodiment of key generation and management in the above device is explained.
[key generation summary]
First, generation of the node key of each node in the hierarchical key management scheme is explained.
In the present invention, it is assumed that the hierarchical relationship is represented by a directed graph having no loops or cycle structures, as shown in Fig. 22 and Fig. 32. When the directed graph contains a place where a plurality of nodes are connected to each other in both directions, like nodes n1 and n2 of Fig. 40, these nodes can be grouped and treated as one node, which reduces the graph to the case where no nodes have such a bidirectional connection. Fig. 41 is the directed graph in which n1 and n2 are regarded as the same node n1'. In the following, it is assumed that no nodes have such a bidirectional connection.
For ease of explanation, the present embodiment uses the lattice graph with 2 levels shown in Fig. 22. In Fig. 23 and Fig. 24, the 3 numbers on each unit are the numbers of times the hash function is applied to the 3 initial keys x, y, and z. For example, the unit labeled [2,2,N] holds H(H(x)) and H(H(y)) as node keys. N means "none" and indicates that no information about that initial key is held. Hereafter, applying the hash function n times is abbreviated as H^n(). In this notation, the unit labeled [2,2,N] holds the two node keys H^2(x) and H^2(y). The tree structure in the hierarchical key management scheme can also be replaced by a matrix for explanation. Fig. 23 is an example of a tree structure with 9 nodes, and the numbers on the nodes of Fig. 23 and the numbers on the units of Fig. 24 indicate the correspondence between them.
First, in the tree structure shown in Fig. 23, the root node (the node labeled [0,0,0] in the figure) is made to correspond to the top-right unit of the matrix. Then, for the child nodes of each node in the tree structure, the node on the left and the node on the right are made to correspond to the unit to the left of, and the unit below, that node's unit in the matrix, respectively. By establishing this correspondence for all nodes and units in order, the tree structure shown in Fig. 23 can be replaced by the matrix shown in Fig. 24.
Next, the method of generating the key generation data shown in Fig. 23 or Fig. 24 is explained.
[cutting apart of node]
To generate the key generation data, the nodes of the given key distribution graph G are partitioned so as to satisfy the following conditions. Here, the set of all nodes is written Node(G), the number of subsets is written N, and the subsets after partitioning are written SubG_1, SubG_2, ..., SubG_N.
SubG_1 ∪ SubG_2 ∪ ... ∪ SubG_N = Node(G); in other words, the subsets together contain all nodes.
For any 2 nodes n_a, n_b contained in SubG_i, n_a<n_b or n_a>n_b holds. In other words, n_a and n_b are in a descendant relationship; one must be a descendant node of the other.
The number N of subsets after this partitioning is expressed as Ord(G), called the key distribution order of the key distribution graph G.
[Allocation of node keys]
An initial key K_i is calculated for each subset SubG_i, one by one, and allocated as a node key of the root node. Node keys are allocated to the descendant nodes under the root node according to the following rules.
a) Each node is assigned numbers associated with the N initial keys K_i (1≤i≤N). Each number is the number of times the one-way function is applied to the initial key K_i; "N", meaning "none", is sometimes assigned instead. When the number for initial key K_i is "N", the node holds no key related to initial key K_i.
b) The nodes contained in SubG_i are sorted, within each set, in descending order of the descendant relation on the directed graph, and are assigned numbers increasing one by one from 0. This number is the number associated with initial key K_i.
c) For the number that a node contained in SubG_i has in association with initial key K_j (i≠j): when the node is not an ancestor node of any node contained in SubG_j (the subset corresponding to initial key K_j), the number is N (none); when it is an ancestor node, the number is set to the minimum of the numbers assigned to those nodes contained in SubG_j that are its descendant nodes.
Figure 31 shows the node key allocation processing described above as a flowchart. Figure 31 is explained below. Here, the whole node set has been divided into mutually disjoint, non-empty subsets SubG_i (1≤i≤N), and the initial key K_i corresponding to each subset has been calculated. The number of nodes contained in subset SubG_i is written #N(i), and the nodes contained in SubG_i, sorted in descending order of the descendant relation on the directed graph, are written SubG_i={n(i,1), n(i,2), ..., n(i,#N(i))}. Further, the node key of node n(i,j) for initial key K_k (1≤k≤N) is the key obtained by applying the one-way hash function to K_k a prescribed number of times, and this prescribed number is written h(i,j,k).
Step S1101 is a loop over variable i from 1 to N, step S1102 is a loop over variable j from 1 to N, and step S1103 is a loop over variable k from 1 to #N(i). Step S1104 evaluates whether variable i equals variable k; when they are equal, processing proceeds to step S1105, and when they are not, to step S1106. Step S1105 assigns j-1 to h(i,j,k) and returns to the loop processing. Step S1106 evaluates whether there exists an m satisfying n(k,m)<n(i,j), that is, an m for which n(i,j) is an ancestor node of n(k,m); when none exists, processing proceeds to step S1107, and when one exists, to step S1108. Step S1107 assigns "N" to h(i,j,k) and returns to the loop processing.
Step S1108 assigns min{h(k,m,k) | n(k,m)<n(i,j)}, that is, the minimum value of h(k,m,k) over the nodes n(k,m) for which n(i,j) is an ancestor node, to h(i,j,k), and returns to the loop processing.
Concrete examples are described below with reference to Figures 25 to 28, Figures 29 and 30, and Figures 32 to 38.
Figure 25 is an example of dividing the nodes of the key generation graph shown in Figure 22 into 3 subsets SubG_1 to SubG_3. That is, SubG_1={n0, n2, n5}, SubG_2={n1, n4, n7}, SubG_3={n3, n6, n8}. Figure 26 shows only h(i,j,i) at this point. For example, {h(1,1,1), h(1,2,1), h(1,3,1)}={0,1,2}, which corresponds to steps S1104 and S1105. Further, Figure 27 records the positions that become "N" because of the descendant relation of the nodes. For example, h(1,1,3)="N", because no m exists for which n(3,m)<n(1,1)=n3. In fact, it can be confirmed that n(3,1)=n0, n(3,2)=n2, n(3,3)=n5; this corresponds to steps S1106 and S1107. Further, Figure 28 reflects the result of checking, for all i and j, whether n(3,m)<n(i,j) is satisfied. For example, h(2,1,1)=0: the m for which n(1,m)<n(2,1)=n1 may be 1, 2, 3, and among h(1,1,1)=0, h(1,2,1)=1, h(1,3,1)=2 the minimum value 0 is selected. Checking further, for all i and j, whether n(2,m)<n(i,j) is satisfied finally yields Figure 24.
In addition, for the node division shown in Figure 29, which differs from that of Figure 25, the node keys can be constructed according to the flowchart of Figure 31 in the same way as for Figure 24, which yields Figure 30. Comparing Figure 24 and Figure 30, the total number of hash operations is larger in the case of Figure 30.
Next, the method of constructing the node keys in the key generation graph shown in Figure 32 is described. Figure 33 is an example of dividing the nodes of the key generation graph shown in Figure 32 into 3 subsets SubG_1 to SubG_3. That is, SubG_1={n0, n1, n4, n7}, SubG_2={n3, n6}, SubG_3={n2, n5}. In this case, the node keys constructed according to the flowchart of Figure 31 are as shown in Figure 34. The construction leading up to Figure 34 is described below. First, Figure 35 shows only h(i,j,i). For example, {h(1,1,1), h(1,2,1), h(1,3,1), h(1,4,1)}={0,1,2,3}, which corresponds to steps S1104 and S1105. Further, Figure 36 records the positions that become "N" because of the descendant relation of the nodes. For example, h(1,2,3)="N", because no m exists for which n(3,m)<n(1,2)=n1. In fact, it can be confirmed that n(3,1)=n3, n(3,2)=n6; this corresponds to steps S1106 and S1107. Further, Figure 37 reflects the result of checking, for all i and j, whether n(1,m)<n(i,j) is satisfied. For example, h(2,1,1)=2: the m for which n(1,m)<n(2,1)=n3 may be 3, 4, and among h(1,3,1)=2, h(1,4,1)=3 the minimum value 2 is selected. Checking likewise, for all i and j, whether n(2,m)<n(i,j) is satisfied finally yields Figure 34.
Further, consider the case where no key is allocated to a terminal node. This makes it possible to set up a state in which data such as thumbnails in the image data can be accessed without restriction. Figure 39 is one such example: the terminal node has no node key and is written [N,N,N]. This is obtained by applying the flowchart of Figure 31 in a state where, at node division, only the terminal node n is not included in any subset. Only an example in which a single terminal node is given no node key has been shown here, but obviously the same construction applies in the case of a plurality of nodes.
[Conditions the generated keys should satisfy]
The key generation scheme described above is constructed so as to satisfy the following conditions.
a. Generability: a target node can generate the keys of its grandchild nodes.
b. Collusion attack resistance: even if entities located at any two or more nodes collude, they cannot generate the key of an ancestor node positioned higher than each of those nodes (unless the one-way function is weakened).
With these conditions, a hierarchical key management scheme in which key generation and key distribution can be performed securely is realized.
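The node division, the allocation rules a) to c) with the Figure 31 flowchart, and the two conditions above can be checked end to end on a small graph. The following is an added example, not code from the patent: the 3x3 lattice, its coordinate node names, the chosen division into 3 subsets, SHA-256 as the one-way function and the fixed initial keys are all assumptions made for illustration, and j ranges over the nodes of subset i while k ranges over the initial keys, as the definition of h(i,j,k) requires.

```python
import hashlib

NONE = None  # the page's "N": the node holds nothing derived from that initial key


def descendants(nodes, edges):
    """Map every node to the set of its strict descendants in the directed graph."""
    children = {n: set() for n in nodes}
    for parent, child in edges:
        children[parent].add(child)
    reach = {}

    def visit(n):
        if n not in reach:
            reach[n] = set()
            for c in children[n]:
                reach[n] |= {c} | visit(c)
        return reach[n]

    for n in nodes:
        visit(n)
    return reach


def check_partition(subsets, nodes, desc):
    """Node-division conditions: the subsets are disjoint, cover all nodes, and
    any two nodes of one subset are in a descendant relation (ancestor listed first)."""
    if sorted(n for s in subsets for n in s) != sorted(nodes):
        return False
    return all(s[b] in desc[s[a]]
               for s in subsets for a in range(len(s)) for b in range(a + 1, len(s)))


def assign_hash_counts(subsets, desc):
    """h(i,j,k) as in the flowchart: how often the one-way function is applied to K_k."""
    counts = {}
    for i, subset in enumerate(subsets):
        for j, node in enumerate(subset):
            row = []
            for k, other in enumerate(subsets):
                if i == k:                       # S1104/S1105 (j is 0-based here)
                    row.append(j)
                else:                            # S1106 to S1108
                    below = [m for m, cand in enumerate(other) if cand in desc[node]]
                    row.append(min(below) if below else NONE)
            counts[node] = row
    return counts


def hash_n(key, n):
    for _ in range(n):
        key = hashlib.sha256(key).digest()
    return key


def node_keys(initial_keys, row):
    """Node keys as the root would compute them from the initial keys."""
    return [None if c is NONE else hash_n(k, c) for k, c in zip(initial_keys, row)]


def derive(holder_keys, holder_row, target_row):
    """Target's node keys computed from the holder's node keys only, or None."""
    out = []
    for key, have, want in zip(holder_keys, holder_row, target_row):
        if want is NONE:
            out.append(None)
        elif have is NONE or have > want:        # would need to invert the hash
            return None
        else:
            out.append(hash_n(key, want - have))
    return out


def collusion_can_reach(counts, colluders, target):
    """True if the pooled keys of the colluders suffice to derive every key of target."""
    for k, want in enumerate(counts[target]):
        if want is NONE:
            continue
        held = [counts[c][k] for c in colluders if counts[c][k] is not NONE]
        if not held or min(held) > want:
            return False
    return True


# Constructed sample: 3x3 lattice with two hierarchy axes; (0,0) is the root.
NODES = [(a, b) for a in range(3) for b in range(3)]
EDGES = ([((a, b), (a + 1, b)) for a in range(2) for b in range(3)]
         + [((a, b), (a, b + 1)) for a in range(3) for b in range(2)])
SUBSETS = [[(0, 0), (1, 0), (1, 1), (2, 1), (2, 2)],   # SubG_1
           [(0, 1), (0, 2), (1, 2)],                   # SubG_2
           [(2, 0)]]                                   # SubG_3
DESC = descendants(NODES, EDGES)
COUNTS = assign_hash_counts(SUBSETS, DESC)
# Fixed keys so the run is reproducible; real initial keys are random and secret.
INITIAL_KEYS = [hashlib.sha256(b"constructed-K%d" % i).digest() for i in (1, 2, 3)]

if __name__ == "__main__":
    for node in NODES:
        print(node, ["N" if c is NONE else c for c in COUNTS[node]])
```

With this division, node (1,1) comes out as [2,2,N], the same kind of label as the cell discussed for Figure 24, and a different division of the same lattice changes the counts and therefore the total number of hash operations.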
[Key distribution]
The method by which the root key distributor (the entity at the root node) distributes keys to each node, and the method by which an entity other than the root key distributor that holds individual keys distributes keys to lower-order nodes, are described in turn. First, the root key distributor randomly and securely generates parameters {x_i} (1≤i≤Ord(G)), whose number is the key distribution order Ord(G) determined from the key distribution graph G, and takes them as its own individual keys. Further, a plurality of keys are placed at each node according to the key generation procedure described above. The root key distributor securely distributes the keys of each node to the entity located at that node. In addition, the key distribution graph is made public, and data that identifies which position in the graph a distributed key belongs to is distributed to each entity. When a lattice graph is used as the key distribution graph, for example, this data may consist of the coordinates in the matrix representation.
[Key generation and distribution processing in the information processing device]
The procedure by which the above key generation and distribution processing is carried out in the information processing device 100 described above is explained. Data to be managed, such as images, is obtained from the CD 108 or over the network via the network connection unit 107 and stored in the HD 106, or is selected from data already stored in the HD 106. Here, the user makes the selection from a list displayed on the monitor 102 using the mouse 112, the keyboard 113, and so on.
When the user selects, in the same way, an access control structure for the managed data, such as hierarchy axes with several levels, the CPU 103 calculates the key generation graph corresponding to this structure and stores it in the RAM 105, the HD 106, or the like.
Random data is generated from the ROM 104, the RAM 105, the HD 106, or data such as the movement of the mouse 112; a plurality of original keys are generated from this random data and stored in the RAM 105, the HD 106, or the like. Further, the individual keys of each node in the key generation graph are calculated from the original keys and stored in the RAM 105, the HD 106, or the like.
For another information processing device, the individual keys stored in the RAM 105, the HD 106, or the like are read out and distributed over the network via the network connection unit 107.
<Concrete example of the hierarchical access structure of the present embodiment>
A preferred example of access control using key data with a hierarchical structure, generated by the key distribution schemes of the 1st and 3rd embodiments, is described.
The key generation graphs shown in Fig. 2, Fig. 3 and Figure 15 have 2 hierarchy axes. Figure 42 shows an example in which one of them (toward the lower left) is the resolution and the other (toward the lower right) is the image region. The resolution has 3 levels, high, medium and low, which represent the resolution of the image that can be obtained. The image region also has 3 levels, which grant viewing rights to the whole region, to partial region A, and to partial region B (narrower than partial region A). In this case, the node with the greatest rights, located at the root, is assigned (resolution = high, image region = all), and the lowest-order node is assigned (resolution = low, image region = region B).
[Concrete application example of the 1st embodiment]
The key distribution method and the image encryption method are described taking as an example the case where key distribution is performed according to Figure 10. For the target image data IMG, let the image data of region B be IMG_1, the difference data for region A be IMG_2, and the difference data for obtaining the whole image data be IMG_3. In other words, IMG=IMG_1+IMG_2+IMG_3. In addition, for each IMG_i, let the low-resolution data be IMG_i(L), the medium-resolution difference data be IMG_i(M), and the high-resolution data be IMG_i(H). In other words, IMG_i=IMG_i(L)+IMG_i(M)+IMG_i(H).
First, the root key distributor randomly generates original keys x, y, z. Let the encryption key be Key(<High,All>):=H(x‖y‖z), and encrypt IMG_3(H) with this key. Here, ‖ denotes concatenation of data. At each child node, the 3 pieces of data obtained are concatenated in the same way as at the root node to generate an encryption key, and the data listed in Figure 43 is encrypted.
For example, at the <Mid,All> node, H(x), H^2(y), z are given as key data; let the encryption key be Key(<Mid,All>):=H(H(x)‖H^2(y)‖z), and encrypt IMG_3(M) with this key. To decrypt the encrypted data, the same processing is performed: the encryption key is calculated and decryption is carried out, which yields the appropriate image data.
[Concrete application example of the 2nd embodiment]
The key distribution method and the image encryption method are described taking as an example the case where key distribution is performed according to Figure 21. Figure 21 shows examples of the type A keys (21A of Figure 21) and the type B keys (21B of Figure 21) when Nx=3, Ny=3. For the target image data IMG, let the image data of region B be IMG_1, the difference data for region A be IMG_2, and the difference data for obtaining the whole image data be IMG_3. In other words, IMG=IMG_1+IMG_2+IMG_3. In addition, for each IMG_i, let the low-resolution data be IMG_i(L), the medium-resolution difference data be IMG_i(M), and the high-resolution data be IMG_i(H). In other words, IMG_i=IMG_i(L)+IMG_i(M)+IMG_i(H).
First, the root key distributor randomly generates original keys x, y, u. Let the encryption key be Key(<High,All>):=H(x‖y‖u), and encrypt IMG_3(H) with this key. Here, ‖ denotes concatenation of data. At each child node, the 3 pieces of data obtained are concatenated in the same way as at the root node to generate an encryption key, and the data listed in Figure 43 is encrypted.
For example, at the <Mid,All> node, H(x), H^3(y), u are given as key data; let the encryption key be Key(<Mid,All>):=H(H(x)‖H^3(y)‖u), and encrypt IMG_3(M) with this key. To decrypt the encrypted data, the same processing is performed: the encryption key is calculated and decryption is carried out, which yields the appropriate image data.
[Concrete application example of the 3rd embodiment]
The key distribution method and the image encryption method are described taking as an example the case where key distribution is performed according to Figure 23 or Figure 24. For the target image data IMG, let the image data of region B be IMG_1, the difference data for region A be IMG_2, and the difference data for obtaining the whole image data be IMG_3. In other words, IMG=IMG_1+IMG_2+IMG_3. In addition, for each IMG_i, let the low-resolution data be IMG_i(L), the medium-resolution difference data be IMG_i(M), and the high-resolution data be IMG_i(H). In other words, IMG_i=IMG_i(L)+IMG_i(M)+IMG_i(H).
First, the root key distributor randomly generates original keys x, y, u. Let the encryption key be Key(<High,All>):=H(x‖y‖u), and encrypt IMG_3(H) with this key. Here, ‖ denotes concatenation of data. At each child node, the 3 pieces of data obtained are concatenated in the same way as at the root node to generate an encryption key, and the data listed in Figure 43 is encrypted.
For example, at the <Mid,All> node, H(x), H^3(y), u are given as key data; let the encryption key be Key(<Mid,All>):=H(H(x)‖H^3(y)‖u), and encrypt IMG_3(M) with this key. To decrypt the encrypted data, the same processing is performed: the encryption key is calculated and decryption is carried out, which yields the appropriate image data.
In the present embodiment, the encryption key is generated by concatenating the keys and hashing them, but another key combining scheme (a scheme that calculates 1 key from a plurality of key data) may also be used.
In addition, in the present embodiment, resolution and image region were given as the hierarchy axes, but the present invention is not limited to these; any two or more hierarchies selected from those subject to access control, such as image quality, time axis, or usage control information, may be used as axes.
<Other embodiments based on software, etc.>
The present invention may be applied as part of a system made up of a plurality of devices (for example, a host computer, interface device, reader, printer, etc.), or as part of a system made up of a single device (for example, a copier or facsimile machine).
In addition, the present invention is not limited to the devices and methods for realizing the above embodiments, or to methods that combine the methods described in the embodiments. The case where program code of software for realizing the above embodiments is supplied to a computer (CPU or MPU) in the above system or device, and the computer of the system or device operates the various devices according to that program code and thereby realizes the embodiments, is also included in the scope of the present invention.
In this case, the program code of the software itself realizes the functions of the above embodiments, so the program code itself and the means for supplying the program code to the computer, specifically a storage medium storing the program code, are also included in the scope of the present invention.
As the storage medium storing this program code, for example, a floppy disk, hard disk, CD, magneto-optical disk, CD-ROM, magnetic tape, non-volatile memory card, ROM, or the like can be used.
In addition, not only the case where the computer realizes the functions of the above embodiments by controlling the various devices according to the supplied program code alone, but also the case where the program code realizes the above embodiments in cooperation with the OS (operating system) running on the computer, other application programs, or the like, is included in the scope of the present invention.
Further, the case where the supplied program code is stored in memory provided on a function expansion card of the computer or in a function expansion unit connected to the computer, after which a CPU or the like provided on the function expansion card or function expansion unit performs all or part of the actual processing according to the instructions of the program code, and the above embodiments are realized by that processing, is also included in the scope of the present invention.
As described above, the present invention has the following effect: for a content distribution system or removable media control scheme that needs to manage a plurality of keys used for decryption, it provides a scheme that lightens the key management load by reducing the amount of computation for key generation.
The present invention is not limited to the above embodiments, and various changes and modifications can be made without departing from the spirit and scope of the present invention. Therefore, to make the scope of the present invention public, the following claims are appended.

Claims (45)

1. A key information processing method, characterized by comprising:
a setting step of setting, for each of a plurality of elements having a hierarchical relationship, a set of execution rules of a one-way function;
a key generation step of, for each of the elements, applying the one-way function to each of two or more original keys according to the corresponding execution rule in the set of execution rules set for that element, and generating the values thus obtained as two or more individual keys for that element; and
a key distribution step of distributing, to each of the elements, the 2 individual keys for that element.
2. The information processing method according to claim 1, characterized in that:
the execution rule is the number of times the one-way function is executed.
3. The key information processing method according to claim 1 or 2, characterized in that:
in the key generation step, the individual keys for the highest-order element are taken to be the two or more original keys.
4. The information processing method according to claim 1 or 2, characterized in that:
in the key generation step, the highest-order element generates the two or more individual keys for each of the elements from the two or more original keys;
in the key distribution step, the highest-order element distributes, to each of the elements, the two or more individual keys for that element.
5. The information processing method according to claim 1 or 2, characterized in that:
in the key generation step, an element other than the highest-order element generates two or more individual keys for a lower-order element from the two or more individual keys for itself;
in the key distribution step, the element other than the highest-order element distributes, to the lower-order element, the two or more individual keys for that lower-order element.
6. The information processing method according to claim 2, characterized in that:
in the key generation step, the one-way function is applied to each of the two or more individual keys of the element other than the highest-order element a number of times corresponding to the difference between the set of execution counts set for that element and the set of execution counts set for the lower-order element, thereby generating the two or more individual keys for the lower-order element.
7. The information processing method according to claim 6, characterized by comprising:
a publication step of publishing, to each of the elements, a graph showing the content set in the setting step;
an identification data distribution step of distributing, to each of the elements, identification data indicating the position of that element in the graph.
8. The key information processing method according to claim 1 or 2, characterized in that:
in the setting step, the line number of the highest-order layer is taken as 1, and the line numbers of the levels below are values increasing by 1 in turn;
as the set of execution counts for the element of line number 1, {(0,0)} is set;
as the set of execution counts for the elements of line number 2, {(1,3), (3,1)} are set respectively;
the largest element component in line number (i-1) is taken as Q and the number of nodes in line i is taken as #R(i), and as the set of execution counts for the elements of line number i (i≥3), when #R(i)>#R(i-1), {(Q-2*#R(i)+5, Q+3), (Q-2*#R(i)+7, Q+1), ..., (Q+3, Q-2*#R(i)+5)} is set, and when #R(i)<#R(i-1), {(Q-2*#R(i)+3, Q+1), (Q-2*#R(i)+5, Q-1), ..., (Q+1, Q-2*#R(i)+3)} is set.
9. The key information processing method according to claim 7, characterized in that:
for each element of line number i (i≥3), when #R(i)<#R(i-1) is satisfied, {(Q-2*#R(i)+3, Q+1), (Q-2*#R(i)+5, Q-1), ..., (Q+1, Q-2*#R(i)+3)} is not set; instead,
when #R(i)=3, {(Q-3, Q), (Q-1, Q+2), (Q, Q+3)} is set,
when #R(i)=2, {(Q-1, Q), (Q, Q-1)} is set,
when #R(i)=1, {(Q, Q)} is set.
10. The key information processing method according to claim 1 or 2, characterized in that:
in the setting step, the top-right cell in the matrix is defined as the origin (0,0), with coordinate axes defined such that the x coordinate increases one by one in the horizontal leftward direction and the y coordinate increases one by one in the vertical downward direction,
and as the set of execution counts (x_ij, y_ij) for the cell at coordinates (i, j) of a matrix of size Nx*Ny,
when j=0, x_ij=i is set,
when j≠0, x_ij=Nx+j-1 is set, and
when i=0, y_ij=j is set,
when j≠0, y_ij=Ny+i-1 is set.
11. The key information processing method according to claim 1 or 2, characterized in that:
the plurality of elements are in a lattice-shaped hierarchical relationship having 2 hierarchy axes;
comprising:
a 2nd key generation step of generating a 3rd individual key for an element that has a plurality of parent elements in the hierarchy;
a 2nd key distribution step of distributing the 3rd individual key to the element having a plurality of parent elements.
12. The key information processing method according to claim 11, characterized in that:
in the 2nd key generation step, the 3rd individual key is generated by applying the one-way function a predetermined number of times to data shared at the level of the plurality of parent elements.
13. The key information processing method according to claim 11, characterized in that:
it comprises a 2nd setting step of setting, for each element in the same level as the element having a plurality of parent elements, a set of numbers of times the one-way function is applied;
in the 2nd key generation step, the results of applying the one-way function to the data shared by the plurality of parent elements, the number of times given by each entry of the set of numbers of times for each element of that same level, are generated as the 3rd individual keys.
14. The key information processing method according to claim 13, characterized in that:
in the 2nd setting step, the line number of the highest-order layer is taken as 1, the line numbers of the levels below are values increasing by 1 in turn, and the number of nodes in line i is taken as #R(i);
for each element of a level of line number i satisfying #R(i)<3, the number of times is not set;
for each element of a level of line number i satisfying #R(i)≥3, as the number of times, (1 ..., 1), (0,1 ..., 1), (1,0 ..., 1) ..., (1 ..., 1,0), (1 ..., 1) are set.
15. The key information processing method according to claim 13, characterized in that:
in the 2nd setting step, the top-right cell in the matrix is defined as the origin (0,0), with coordinate axes defined such that the x coordinate increases one by one in the horizontal leftward direction and the y coordinate increases one by one in the vertical downward direction; when the set of execution counts for the cell at coordinates (i', j') in a matrix of size (Nx-2)*(Ny-2) is set to (u'_i'j', v'_i'j'), then as the set of execution counts (u_ij, v_ij) for the cell at coordinates (i, j) in the matrix of size Nx*Ny,
when i=0 and j=0, u_ij=0, v_ij=0 is set,
when i=Nx-1 or j=Ny-1, information indicating that the individual key does not exist is set as u_ij and v_ij,
when i=0 and j≠0, u_ij=u'_i(j-1) and v_ij=v'_i(j-1) is set,
when j=0 and i≠0, u_ij=u'_(i-1)j and v_ij=v'_(i-1)j is set,
in cases other than the above, u_ij=u'_(i-1)(j-1) and v_ij=v'_(i-1)(j-1) is set;
the set of execution counts for each cell in the matrix of size (Nx-2)*(Ny-2) is generated by the method of claim 10.
16. The key information processing method according to claim 11, characterized in that:
the data shared by the plurality of parent elements is data generated from the two or more original keys.
17. The key information processing method according to claim 11, characterized in that:
the data shared by the plurality of parent elements is data generated from a 3rd original key independent of the two or more original keys.
18. The key information processing method according to claim 11, characterized in that:
the 2 hierarchy axes correspond respectively to the level hierarchies of 2 parameters of an image, and the individual keys of each element allow access to the image corresponding to the level, in these 2 parameters, to which that element belongs.
19. The key information processing method according to claim 18, characterized in that:
the 2 parameters are the region and the resolution of the image.
20. The key information processing method according to claim 18, characterized in that:
the 2 parameters are the image quality and the resolution of the image.
21. The key information processing method according to claim 18, characterized in that:
the image is a moving image,
the 2 parameters are the time region and the image quality of the moving image.
22. A key information processing device, characterized by comprising:
a setting means that sets, for each of a plurality of elements having a hierarchical relationship, a set of execution rules of a one-way function;
a key generation means that applies the one-way function to each of two or more original keys according to the corresponding execution rule in the set of execution rules set for that element, and generates the values thus obtained as two or more individual keys for that element; and
a key distribution means that distributes, to each of the elements, the 2 individual keys for that element.
23. A computer-readable program, characterized in that:
it causes a computer to execute a key information processing method,
the key information processing method comprising
a setting step of setting, for each of a plurality of elements having a hierarchical relationship, a set of execution rules of a one-way function;
a key generation step of applying the one-way function to each of two or more original keys according to the corresponding execution rule in the set of execution rules set for that element, and generating the values thus obtained as two or more individual keys for that element; and
a key distribution step of distributing, to each of the elements, the 2 individual keys for that element.
24. a key information processing method, according to the hierarchical relationship of representing with the directed graph that does not possess loop structure, the key that generates on each node from father node carries out key distribution,
This key information processing method is characterised in that, comprising:
Initial key generates step, is being positioned at N key of calculating on the root node of highest order;
Node key generates step, will be generated as M node key about this node according to implementing the value of regulation after to the individual uni-directional function of having implemented stipulated number of the M in the above-mentioned N initial key on each node, wherein, and M≤N.
25. The key information processing method according to claim 24, characterized in that:
It comprises a key distribution step of distributing, from each node, the node keys for its child nodes.
26. The key information processing method according to claim 24, characterized in that:
It comprises a key distribution step of distributing, from each node, the node keys for its descendant nodes.
27. The key information processing method according to any one of claims 24 to 26, characterized in that:
When the directed graph contains a place where a plurality of different nodes are connected to each other by the directed graph, these nodes are grouped and processed as one node.
28. The key information processing method according to any one of claims 24 to 26, characterized in that:
It comprises an initial key number calculation step of calculating the number N of initial keys from the structure of the directed graph.
29. The key information processing method according to any one of claims 24 to 26, characterized in that it comprises:
A node partitioning step of generating, in the initial key number calculation step, a collection of subsets of nodes such that it contains all the nodes;
A checking step of checking whether the subsets satisfy the condition that any nodes contained in the same subset must be in a descendant relation; and
An initial key number calculation step of taking the size of the collection of subsets as the number N of initial keys.
30. The key information processing method according to claim 29, characterized in that:
In the node partitioning step, all the nodes are divided into disjoint subsets.
31. The key information processing method according to any one of claims 24 to 26, characterized in that it comprises:
An initial key association step of, for the execution rule, associating a different initial key with each of the subsets obtained by the node partitioning step;
A numbering step of sorting the nodes within each of the subsets in descending order according to the descendant relation on the directed graph, and assigning sequence numbers that start at 0 and increase by one;
The value assigned by this numbering is the number of times the one-way function is applied to the initial key.
32. The key information processing method according to claim 31, characterized in that:
In the initial key association step, when this sequence number is assigned to a node contained in another subset that is not associated with an initial key K, the ancestor node of the nodes contained in the subset G associated with the initial key K is taken as N, and the sequence number of a node that is an ancestor node is taken to be the minimum of the sequence numbers assigned to the nodes contained in the subset G that are its descendant nodes, where this sequence number represents the number of times the one-way function is applied, and N represents none.
33. The key information processing method according to any one of claims 24 to 26, characterized in that:
In the node key generation step, no node key is distributed to the lowest-level node.
34. The key information processing method according to claim 33, characterized in that:
In the node key generation step, no node key is distributed to the descendant nodes of a plurality of specified nodes.
35. The key information processing method according to claim 33 or 34, characterized in that:
In the node partitioning step, nodes to which no node key is distributed are not included in the subsets.
36. The key information processing method according to any one of claims 24 to 26, characterized in that:
The directed graph is a lattice of nodes representing a lattice-like hierarchical relationship having 2 hierarchy axes.
37. The key information processing method according to any one of claims 24 to 26, characterized in that it comprises:
A disclosure step of disclosing node key setting data that shows, for each node, the setting content of the node key setting step;
An identification data distribution step of distributing, to each node, identification data indicating the position of that node in the node key setting data.
38. The key information processing method according to claim 37, characterized in that:
The 2 hierarchy axes correspond respectively to the hierarchies of 2 parameters of an image, and the separate keys of each element can be used to access the image corresponding to the hierarchy levels of these 2 parameters to which that element belongs.
39. The key information processing method according to claim 38, characterized in that:
The 2 parameters are the region and the resolution of the image.
40. The key information processing method according to claim 38, characterized in that:
The 2 parameters are the image quality and the resolution of the image.
41. The key information processing method according to claim 38, characterized in that:
The image is a moving image,
The 2 parameters are the time region and the image quality of the moving image.
42. The key information processing method according to claim 24, characterized in that:
In the initial key generation step, the N initial keys are generated from 1 primary key.
43. The key information processing method according to claim 42, characterized in that:
In the initial key generation step, the N initial keys are calculated from the primary key with a one-way function.
44. A key information processing device capable of generating the key of each node from its parent node according to a hierarchical relationship represented by a directed graph without cycles,
This key information processing device is characterized in that it comprises:
An initial key generating means for calculating N keys at the root node located at the highest level;
A node key generating means for generating, at each node, as the M node keys for that node, the values obtained by applying a one-way function a prescribed number of times to M of the N initial keys, where M≤N.
45. A computer-readable program, characterized in that:
It causes a computer to execute a key information processing method capable of generating the key of each node from its parent node according to a hierarchical relationship represented by a directed graph without cycles,
This key information processing method comprising:
An initial key generation step of calculating N keys at the root node located at the highest level; and
A node key generation step of generating, at each node, as the M node keys for that node, the values obtained by applying a one-way function a prescribed number of times to M of the N initial keys, where M≤N.
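The subset partitioning and numbering of claims 29 to 31 and the node key generation of claim 24, worked through as an added example that is not code from the patent. SHA-256 as the one-way function, the 2x2 lattice, the chosen partition and all function names are assumptions of this example, and giving a node no key from a subset in which it has no descendant is this example's reading of claim 32.

```python
import hashlib
from itertools import combinations

# Constructed 2x2 lattice (claim 36): node -> child nodes; (0, 0) is the root.
GRAPH = {(0, 0): [(0, 1), (1, 0)], (0, 1): [(1, 1)], (1, 0): [(1, 1)], (1, 1): []}
# Constructed partition into subsets, each listed ancestor-first (claims 29 to 31).
CHAINS = [[(0, 0), (0, 1), (1, 1)], [(1, 0)]]

def H(data: bytes, times: int) -> bytes:
    """Apply the one-way function (SHA-256 here, an assumption) `times` times."""
    for _ in range(times):
        data = hashlib.sha256(data).digest()
    return data

def descendants(graph, node):
    """All nodes reachable from `node`, excluding the node itself."""
    seen, stack = set(), list(graph[node])
    while stack:
        n = stack.pop()
        if n not in seen:
            seen.add(n)
            stack.extend(graph[n])
    return seen

def check_partition(graph, chains):
    """Claims 29/30: disjoint cover, and any two nodes of one subset are related."""
    flat = [n for c in chains for n in c]
    if sorted(flat) != sorted(graph):
        return False
    return all(b in descendants(graph, a) for c in chains for a, b in combinations(c, 2))

def hash_counts(graph, chains):
    """counts[node][k]: times H is applied to initial key k, or None for no key."""
    counts = {n: [None] * len(chains) for n in graph}
    for k, chain in enumerate(chains):
        index = {n: i for i, n in enumerate(chain)}  # numbered from 0, ancestor first
        for n in graph:
            reach = descendants(graph, n) | {n}
            hits = [index[m] for m in reach if m in index]
            counts[n][k] = min(hits) if hits else None
    return counts

def node_keys(initial_keys, counts, node):
    """The M <= N node keys of `node`, indexed by initial key number."""
    return {k: H(initial_keys[k], c) for k, c in enumerate(counts[node]) if c is not None}

def derive(parent_keys, counts, parent, child):
    """Recompute a descendant's node keys using only an ancestor's node keys."""
    return {k: H(parent_keys[k], c - counts[parent][k])
            for k, c in enumerate(counts[child]) if c is not None}
```

Here N = 2 because the partition has two subsets; the root holds both initial keys unhashed, while (0, 1) and (1, 1) hold only one key each (M = 1).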
CN2004800248340A 2003-07-11 2004-07-12 Key information processing method, device thereof Expired - Fee Related CN1846396B (en)

Applications Claiming Priority (7)

Application Number Priority Date Filing Date Title
JP195729/2003 2003-07-11
JP2003195729 2003-07-11
JP321420/2003 2003-09-12
JP2003321420A JP4208678B2 (en) 2003-07-11 2003-09-12 Key information processing method and apparatus, and program
JP338679/2003 2003-09-29
JP2003338679A JP2005109753A (en) 2003-09-29 2003-09-29 Method and apparatus for processing key information, and program
PCT/JP2004/009946 WO2005018136A1 (en) 2003-07-11 2004-07-12 Key information processing method, device thereof, and program

Publications (2)

Publication Number Publication Date
CN1846396A true CN1846396A (en) 2006-10-11
CN1846396B CN1846396B (en) 2011-09-28

Family

ID=34198741

Family Applications (1)

Application Number Title Priority Date Filing Date
CN2004800248340A Expired - Fee Related CN1846396B (en) 2003-07-11 2004-07-12 Key information processing method, device thereof

Country Status (4)

Country Link
US (1) US7706530B2 (en)
EP (1) EP1650893A4 (en)
CN (1) CN1846396B (en)
WO (1) WO2005018136A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101542966B (en) * 2006-11-16 2013-03-27 索尼株式会社 Information processing device

Families Citing this family (20)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR100924773B1 (en) * 2002-09-16 2009-11-03 삼성전자주식회사 Method for encrypting and decrypting metadata and method for managing metadata and system thereof
JP4632413B2 (en) * 2004-09-01 2011-02-16 キヤノン株式会社 Information encryption device, information distribution device, control method therefor, computer program, and computer-readable storage medium
JP2006080623A (en) * 2004-09-07 2006-03-23 Canon Inc Information processing method and apparatus, and computer program and computer-readable storage medium
JP4310285B2 (en) 2005-02-09 2009-08-05 キヤノン株式会社 Information processing method and apparatus, computer program, and computer-readable storage medium
JP4993674B2 (en) * 2005-09-09 2012-08-08 キヤノン株式会社 Information processing apparatus, verification processing apparatus, control method thereof, computer program, and storage medium
JP2007081482A (en) * 2005-09-09 2007-03-29 Canon Inc Terminal authentication method, apparatus and program thereof
JP5043421B2 (en) 2005-12-28 2012-10-10 キヤノン株式会社 Information processing apparatus and method
JP2008059561A (en) * 2006-08-04 2008-03-13 Canon Inc Information processing apparatus, data processing apparatus, and methods thereof
KR101213154B1 (en) * 2006-11-16 2012-12-17 삼성전자주식회사 Method of updating key and key update device using the same
KR100938262B1 (en) * 2007-07-18 2010-01-22 한국전자통신연구원 Method for predistributing secret key
JP5270894B2 (en) * 2007-10-01 2013-08-21 キヤノン株式会社 Information processing apparatus, control method therefor, information processing system, and program
US8634553B2 (en) * 2007-11-05 2014-01-21 Sumitomo Electric Industries, Ltd. Encryption key generation device
JP2009135871A (en) * 2007-11-05 2009-06-18 Sumitomo Electric Ind Ltd Method for generating encryption key
US8150850B2 (en) * 2008-01-07 2012-04-03 Akiban Technologies, Inc. Multiple dimensioned database architecture
EP2172896A1 (en) * 2008-10-02 2010-04-07 Nagravision S.A. Value management method in a prepaid device
JP5921120B2 (en) 2011-09-07 2016-05-24 キヤノン株式会社 Information processing apparatus and information processing method
US9020954B2 (en) * 2012-09-28 2015-04-28 International Business Machines Corporation Ranking supervised hashing
CN108063756B (en) 2017-11-21 2020-07-03 阿里巴巴集团控股有限公司 Key management method, device and equipment
TWI707246B (en) * 2018-11-05 2020-10-11 開曼群島商現代財富控股有限公司 Key management system based on distributed multi-layered recursive and method thereof
CN115086730B (en) * 2022-06-16 2024-04-02 平安国际融资租赁有限公司 Subscription video generation method, subscription video generation system, computer equipment and subscription video generation medium

Family Cites Families (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR970024712A (en) * 1995-10-16 1997-05-30 이데이 노부유키 Encryption method and encryption device and recording method and decryption method and decryption device and recording medium
US5754659A (en) * 1995-12-22 1998-05-19 General Instrument Corporation Of Delaware Generation of cryptographic signatures using hash keys
JPH09182050A (en) 1995-12-26 1997-07-11 Matsushita Electric Ind Co Ltd Scramble transmitter, scramble device and descramble device
JPH1198487A (en) * 1997-09-24 1999-04-09 Mitsubishi Electric Corp Image coder and image decoder
CN1099780C (en) * 1999-12-10 2003-01-22 北京深思洛克数据保护中心 Key transmission and digital signature method
US6891951B2 (en) * 2000-01-21 2005-05-10 Victor Company Of Japan, Ltd. Cryptosystem-related method and apparatus
EP1189432A3 (en) * 2000-08-14 2004-10-20 Matsushita Electric Industrial Co., Ltd. A hierarchical encryption scheme for secure distribution of predetermined content
JP2004140668A (en) 2002-10-18 2004-05-13 Canon Inc Information processing method
JP2004297778A (en) 2003-03-07 2004-10-21 Canon Inc Image data encryption method and apparatus, computer program, and computer-readable storage medium

Also Published As

Publication number Publication date
EP1650893A1 (en) 2006-04-26
WO2005018136A1 (en) 2005-02-24
EP1650893A4 (en) 2011-07-06
US7706530B2 (en) 2010-04-27
CN1846396B (en) 2011-09-28
US20060149762A1 (en) 2006-07-06

Similar Documents

Publication Publication Date Title
CN1846396A (en) Key information processing method, device thereof, and program
CN1211975C (en) Information processing system and method
CN100336039C (en) Document managing device
CN1207894C (en) Data Hidving and extracting method, system and circuit
CN1276364C (en) Data management apparatus, data management method and computer program
CN1296846C (en) Information transmission system, transmitter, and transmission method as well as information reception system, receiver and reception method
CN1879138A (en) Encryption device, encryption method, and computer program
CN1274107C (en) Encrypted data delivery system
CN1571959A (en) Information processing device, information processing method, and computer program
CN1977250A (en) Computer system and computer program executing encryption or decryption
CN1471005A (en) Information content management system
CN1901446A (en) System and method for processing information using encryption key block
CN1389042A (en) System and mehtod for processing information using encryption key block
CN1426642A (en) Information processing system and method
CN1993975A (en) Information processing system and method, information processing device and method, and program
CN1476580A (en) Content usage authority management system and management method
CN1608361A (en) Digital work protection system, key management apparatus, and user apparatus
CN1426643A (en) Information processing system and method
CN1516837A (en) Apparatus and method for information processing, recording medium and program
CN101053200A (en) Information processing device, information recording medium, contents management system, data processing method, and computer program
CN1808526A (en) Data converting device and data converting method
CN1855112A (en) Content information providing system, content information providing server, content reproduction apparatus, content information providing method, content reproduction method and computer program
CN1286457A (en) Encrypting method and device, and decrypting method and device
CN1241351C (en) Information recording/reproducing appts. and method
CN1216198A (en) Coding method, decoding method, coding device and decoding device

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20110928

Termination date: 20160712
